Australian Public Service Agencies using ITC gateways are to have their security strengthened in a joint project involving the Digital Transformation Agency (DTA), the Australian Signals Directorate (ASD), and the Australian Cyber Security Centre (ACSC).
In a statement, the DTA said Secure Internet Gateways (SIGs) provided organisations with cyber-security protection at the perimeter between their networks and the internet.
“SIGs play an important role in a layered cyber-security defence and can be shared between multiple organisations, providing the benefits of a common suite of cyber-security defences,” it said.
The DTA said a system of Cyber Hubs would centralise the management and operations of Commonwealth entities for cyber monitoring, detection and response capabilities.
“It is envisioned that the future Cyber Hubs operating model — informed by a recently launched pilot — will involve these Hubs providing a range of cyber-security services,” it said.
“This will include SIG services to non-corporate Commonwealth entities.
“As such, consideration is being given to how SIG services should integrate with a future Cyber Hubs model.”
The DTA promised it would provide timely advice to Commonwealth entities, Cyber Hub providers and industry during the development of the Cyber Hubs, subject to Government approval.
“In addition, the SIG policy is being modernised so that it is consistent with and supports the implementation of Cyber Hubs, and so that Commonwealth entities, using existing SIGs, can readily adopt the new technologies and capabilities,” it said.
“These policy changes will include the ASD ceasing its certification authority role for commercial or Government SIGs.
“This will better enable and encourage the adoption of emerging cyber-security technologies and capabilities by entities.”
The DTA said Commonwealth entities would be empowered to adopt a new risk-based authorisation model, consistent with the consideration of other cyber architecture such as the adoption of cloud environments.
“Security guidance, co-designed by the ACSC with Government and industry from key stakeholder groups, will be developed through consultative forums to support the policy enhancements,” the Agency said.
